Hi.
Here there are other informations about the configuration of mail system.
1. The mail system use virtual users.
2. The postfix main.cf is:
# Enable SASL authentication in the Postfix SMTP server
smtpd_sasl_auth_enable = yes
# Postfix 2.3 and later
#smtpd_sasl_path = smtpd
# Only accept mail from trusted networks, authenticated clients or mail
with
# a 'RCPT TO' address that Postfix is forwarder or final destination for
smtpd_recipient_restrictions = permit_mynetworks,
permit_sasl_authenticated,
reject_unauth_destination,
reject_unauth_pipelining,
reject_non_fqdn_recipient,
reject_unknown_recipient_domain,
reject_invalid_hostname,
reject_non_fqdn_sender,
reject_unknown_sender_domain,
reject_unauth_destination,
reject_rbl_client bl.spamcop.net,
reject_rbl_client zombie.dnsbl.sorbs.net,
reject_rbl_client list.dsbl.org,
reject_rbl_client sbl.spamhaus.org,
reject_rbl_client sbl-xbl.spamhaus.org,
reject_rbl_client blackholes.easynet.nl,
reject_rbl_client combined.njabl.org,
reject_rbl_client dul.dnsbl.sorbs.net,
permit
# Enable inter-operability with old SMTP clients
broken_sasl_auth_clients = yes
# Name of the Postfix SMTP server's local SASL authentication realm
smtpd_sasl_local_domain = $mydomain
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
#smtpd_sasl_security_options = noanonymous
smtpd_sasl_security_options =
# Quota e delivery
virtual_transport = qdeliver
qdeliver_destination_concurrency_limit = 1
qdeliver_destination_recipient_limit = 1
3. The master.cf is:
smtps inet n - - - - smtpd
-o syslog_name=postfix/smtps
-o smtpd_tls_wrappermode=yes
-o smtpd_sasl_auth_enable=yes
-o smtpd_client_restrictions=permit_sasl_authenticated,reject
-o milter_macro_daemon_name=ORIGINATING
4. The /var/local/lib/sasl2/smtpd.conf is:
pwcheck_method: saslauthd
mech_list: PLAIN LOGIN
#authdaemond_path: /var/sasl2/socket
authdaemond_path: /var/run/courier-auth/socket
log_level: 7
Thanks.
Luciano.
On 22.08.14, 16:23, giacomo wrote:
> Hello everyone.
> I recently created a mail server based on Postfix with MySQL and
> SASL authentication and TLS. I have problems to use authentication
> SASL. The errors are:
>
> telnet 192.168.1.242 25
> Trying 192.168.1.242...
> Connected to 192.168.1.242.
> Escape character is '^]'.
> 220 mail2.domain.com ESMTP Postfix
> ehlo tin.it
> 250-mail2.domain.com
> 250-PIPELINING
> 250-SIZE 10240000
> 250-VRFY
> 250-ETRN
> 250-STARTTLS
> 250-AUTH PLAIN LOGIN
> 250-AUTH=PLAIN LOGIN
> 250-ENHANCEDSTATUSCODES
> 250-8BITMIME
> 250 DSN
> AUTH PLAIN AGQubGlzYWlhQGdydXBwb2lzaWwuY29tAGxpc2FpYQ==
> 535 5.7.8 Error: authentication failed: generic failure
>
> /var/maillog
>
> Jul 5 23:11:19 mail2 postfix/smtpd[3717]:
> warning: SASL authentication failure: could not verify password
> Jul 5 23:11:19 mail2 postfix/smtpd[3717]:
> warning: SASL authentication failure: Password verification failed
> Jul 5 23:11:19 mail2 postfix/smtpd[3717]:
> warning: unknown[192.168.1.248]:
> SASL PLAIN authentication failed: generic failure
>
> System OpenBSD v. 5.5
>
> Packages:
>
> courier-authlib-0.65.0p2
> courier-authlib-mysql-0.65.0p5
> courier-imap-4.13p0
> courier-pop3-4.13p0
> cyrus-sasl-2.1.26p10-mysql
> mysql-client-5.1.73v0
> mysql-server-5.1.73v0
>
> Port:
> postfix-2.12.20140109-sasl2-mysql (compilated to enable SASL e MySQL)
>
> In the old version of OpenBSD it seam to work.
>
> Any suggestions?
>
> Thanks.
>
>
> --
> Isaia Luciano
> ----------------------------------------------
> Le informazioni contenute nella presente e-mail e nei documenti/files
> eventualmente allegati sono confidenziali. Essi sono riservati
> esclusivamente al destinatario della stessa. La loro eventuale
> comunicazione, diffusione o, comunque, rivelazione a terzi, nonche' la
> copiatura e/o conservazione e' vietata. Se avete ricevuto questa e-mail per
> errore, Vi preghiamo cortesemente di informare immediatamente il mittente
> della stessa e di distruggerla o, comunque, cancellarla dal Vostro sistema.
>
> This e-mail contains confidential and/or privileged information. If you are
> not the intended recipient (or have received this e-mail in error), please
> notify the sender immediately and destroy this e-mail. Any unauthorised
> communication, diffusion, disclosure and copy of the material in this
> e-mail is strictly forbidden.
> ----------------------------------------------
